Change lock issue API endpoint to fit GitHub specifications

Author: YaFou

models/issues/issue_test.go

@@ -468,9 +468,6 @@ func TestMigrate_CreateIssuesIsPullTrue(t *testing.T) {
 }
 
 func TestIssueLock_IsValidReason(t *testing.T) {
-	// Init settings
-	_ = setting.Repository
-
 	cases := []struct {
 		reason   string
 		expected bool

modules/structs/issue.go

@@ -269,5 +269,5 @@ type IssueMeta struct {
 
 // LockIssueOption options to lock an issue
 type LockIssueOption struct {
-	Reason string `json:"reason"`
+	Reason string `json:"lock_reason"`
 }

routers/api/v1/api.go

@@ -1523,7 +1523,8 @@ func Routes() *web.Router {
 							m.Patch("/{position}", reqToken(), reqAdmin(), repo.MoveIssuePin)
 						})
 						m.Group("/lock", func() {
-							m.Combo("").Post(bind(api.LockIssueOption{}), repo.LockIssue).
+							m.Combo("").
+								Put(bind(api.LockIssueOption{}), repo.LockIssue).
 								Delete(repo.UnlockIssue)
 						}, reqToken())
 					})

routers/api/v1/repo/issue_lock.go

@@ -1,11 +1,13 @@
-// Copyright 2019 The Gitea Authors. All rights reserved.
+// Copyright 2025 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
 package repo
 
 import (
 	"errors"
 	"net/http"
+	"strings"
+	"unicode"
 
 	issues_model "code.gitea.io/gitea/models/issues"
 	api "code.gitea.io/gitea/modules/structs"
@@ -15,7 +17,7 @@ import (
 
 // LockIssue lock an issue
 func LockIssue(ctx *context.APIContext) {
-	// swagger:operation POST /repos/{owner}/{repo}/issues/{index}/lock issue issueLockIssue
+	// swagger:operation PUT /repos/{owner}/{repo}/issues/{index}/lock issue issueLockIssue
 	// ---
 	// summary: Lock an issue
 	// consumes:
@@ -46,8 +48,6 @@ func LockIssue(ctx *context.APIContext) {
 	// responses:
 	//   "204":
 	//     "$ref": "#/responses/empty"
-	//   "208":
-	//     "$ref": "#/responses/empty"
 	//   "400":
 	//     "$ref": "#/responses/error"
 	//   "403":
@@ -56,6 +56,15 @@ func LockIssue(ctx *context.APIContext) {
 	//     "$ref": "#/responses/notFound"
 
 	reason := web.GetForm(ctx).(*api.LockIssueOption).Reason
+	reason = strings.ToLower(reason)
+
+	if reason != "" {
+		// make the first character uppercase
+		runes := []rune(reason)
+		runes[0] = unicode.ToUpper(runes[0])
+		reason = string(runes)
+	}
+
 	if !issues_model.IsValidReason(reason) {
 		ctx.APIError(http.StatusBadRequest, errors.New("reason not valid"))
 		return
@@ -76,22 +85,19 @@ func LockIssue(ctx *context.APIContext) {
 		return
 	}
 
-	if issue.IsLocked {
-		ctx.Status(http.StatusAlreadyReported)
-		return
-	}
-
-	opt := &issues_model.IssueLockOptions{
-		Doer:   ctx.ContextUser,
-		Issue:  issue,
-		Reason: reason,
-	}
+	if !issue.IsLocked {
+		opt := &issues_model.IssueLockOptions{
+			Doer:   ctx.ContextUser,
+			Issue:  issue,
+			Reason: reason,
+		}
 
-	issue.Repo = ctx.Repo.Repository
-	err = issues_model.LockIssue(ctx, opt)
-	if err != nil {
-		ctx.APIErrorInternal(err)
-		return
+		issue.Repo = ctx.Repo.Repository
+		err = issues_model.LockIssue(ctx, opt)
+		if err != nil {
+			ctx.APIErrorInternal(err)
+			return
+		}
 	}
 
 	ctx.Status(http.StatusNoContent)
@@ -126,8 +132,6 @@ func UnlockIssue(ctx *context.APIContext) {
 	// responses:
 	//   "204":
 	//     "$ref": "#/responses/empty"
-	//   "208":
-	//     "$ref": "#/responses/empty"
 	//   "403":
 	//     "$ref": "#/responses/forbidden"
 	//   "404":
@@ -148,21 +152,18 @@ func UnlockIssue(ctx *context.APIContext) {
 		return
 	}
 
-	if !issue.IsLocked {
-		ctx.Status(http.StatusAlreadyReported)
-		return
-	}
-
-	opt := &issues_model.IssueLockOptions{
-		Doer:  ctx.ContextUser,
-		Issue: issue,
-	}
+	if issue.IsLocked {
+		opt := &issues_model.IssueLockOptions{
+			Doer:  ctx.ContextUser,
+			Issue: issue,
+		}
 
-	issue.Repo = ctx.Repo.Repository
-	err = issues_model.UnlockIssue(ctx, opt)
-	if err != nil {
-		ctx.APIErrorInternal(err)
-		return
+		issue.Repo = ctx.Repo.Repository
+		err = issues_model.UnlockIssue(ctx, opt)
+		if err != nil {
+			ctx.APIErrorInternal(err)
+			return
+		}
 	}
 
 	ctx.Status(http.StatusNoContent)

templates/swagger/v1_json.tmpl

@@ -1,4 +1,4 @@
-// Copyright 2017 The Gitea Authors. All rights reserved.
+// Copyright 2025 The Gitea Authors. All rights reserved.
 // SPDX-License-Identifier: MIT
 
 package integration
@@ -32,23 +32,31 @@ func TestAPILockIssue(t *testing.T) {
 	token := getTokenForLoggedInUser(t, session, auth_model.AccessTokenScopeWriteIssue)
 
 	// check invalid reason
-	req := NewRequestWithJSON(t, "POST", urlStr, api.LockIssueOption{Reason: "Not valid"}).AddTokenAuth(token)
+	req := NewRequestWithJSON(t, "PUT", urlStr, api.LockIssueOption{Reason: "Not valid"}).AddTokenAuth(token)
 	MakeRequest(t, req, http.StatusBadRequest)
 
 	// check lock issue
-	req = NewRequestWithJSON(t, "POST", urlStr, api.LockIssueOption{Reason: "Spam"}).AddTokenAuth(token)
+	req = NewRequestWithJSON(t, "PUT", urlStr, api.LockIssueOption{Reason: "Spam"}).AddTokenAuth(token)
 	MakeRequest(t, req, http.StatusNoContent)
 	issueAfter := unittest.AssertExistsAndLoadBean(t, &issues_model.Issue{ID: 1})
 	assert.True(t, issueAfter.IsLocked)
 
-	// check locking a second time
-	MakeRequest(t, req, http.StatusAlreadyReported)
+	// check reason is case insensitive
+	unlockReq := NewRequest(t, "DELETE", urlStr).AddTokenAuth(token)
+	MakeRequest(t, unlockReq, http.StatusNoContent)
+	issueAfter = unittest.AssertExistsAndLoadBean(t, &issues_model.Issue{ID: 1})
+	assert.False(t, issueAfter.IsLocked)
+
+	req = NewRequestWithJSON(t, "PUT", urlStr, api.LockIssueOption{Reason: "too heated"}).AddTokenAuth(token)
+	MakeRequest(t, req, http.StatusNoContent)
+	issueAfter = unittest.AssertExistsAndLoadBean(t, &issues_model.Issue{ID: 1})
+	assert.True(t, issueAfter.IsLocked)
 
 	// check with other user
 	user34 := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 34})
 	session34 := loginUser(t, user34.Name)
 	token34 := getTokenForLoggedInUser(t, session34, auth_model.AccessTokenScopeAll)
-	req = NewRequestWithJSON(t, "POST", urlStr, api.LockIssueOption{Reason: "Spam"}).AddTokenAuth(token34)
+	req = NewRequestWithJSON(t, "PUT", urlStr, api.LockIssueOption{Reason: "Spam"}).AddTokenAuth(token34)
 	MakeRequest(t, req, http.StatusForbidden)
 }
 
@@ -63,7 +71,7 @@ func TestAPIUnlockIssue(t *testing.T) {
 	session := loginUser(t, owner.Name)
 	token := getTokenForLoggedInUser(t, session, auth_model.AccessTokenScopeWriteIssue)
 
-	lockReq := NewRequestWithJSON(t, "POST", urlStr, api.LockIssueOption{Reason: "Spam"}).AddTokenAuth(token)
+	lockReq := NewRequestWithJSON(t, "PUT", urlStr, api.LockIssueOption{Reason: "Spam"}).AddTokenAuth(token)
 	MakeRequest(t, lockReq, http.StatusNoContent)
 
 	// check unlock issue
@@ -72,9 +80,6 @@ func TestAPIUnlockIssue(t *testing.T) {
 	issueAfter := unittest.AssertExistsAndLoadBean(t, &issues_model.Issue{ID: 1})
 	assert.False(t, issueAfter.IsLocked)
 
-	// check unlocking a second time
-	MakeRequest(t, req, http.StatusAlreadyReported)
-
 	// check with other user
 	user34 := unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 34})
 	session34 := loginUser(t, user34.Name)